<?php
session_start();
$hostname="mysql-user.cse.msu.edu"; // Host name
$username="hewittry"; // Mysql username
$password="A39777266"; // Mysql password
$database="hewittry"; // Database name
$currPage = "manage";

$id = (int)$_REQUEST["id"];
if (!is_int($id)) { die("Error: Invalid id number."); }

$conn = new mysqli($hostname, $username, $password, $database);

if(isset($_REQUEST['submit'])) 
{
	$price = (int)str_replace("$", "", $_REQUEST['price']);
	$make = $_REQUEST['make'];
	$model = $_REQUEST['model'];
	$year = $_REQUEST['year'];
	$mileage = $_REQUEST['mileage'];
	$color = $_REQUEST['color'];
	$engine = $_REQUEST['engine'];
	$driver = $_REQUEST['drivertype'];
	$doors = $_REQUEST['nodoors'];
	$desc = $_REQUEST['desc'];
	if (!is_int($price)) { die("Error: Invalid price."); }
	
	$picSQL = "";
	if ($_FILES['vehiclePic']['name'] != '')
	{
		if ($_FILES['vehiclePic']['type'] != "image/jpeg")
		{
			die ("Error: new picture must be of type jpeg.");
		}
		else if ($_FILES["pic"]["error"] > 0)
		{
			die("Error: " . $_FILES["pic"]["error"] . "<br />");
		}
		$pic_temp = $_FILES['vehiclePic']['tmp_name'];
		$pic = basename( $_FILES['vehiclePic']['name']);
		$target_path = "upload/" . $pic;
		move_uploaded_file($pic_temp, $target_path);
		$picSQL = ", Photo = '$pic'";
	}
	
	$query = "UPDATE VehicleForSale SET Price = $price, Make = '$make', Model = '$model', VehicleYear = $year, Price = $price, Mileage = $mileage, ExteriorColor = '$color', Engine = '$engine', DriverType = '$driver', NoDoors = $doors, Description = '$desc' $picSQL WHERE VehicleForSaleID = $id";
	$query2 = $query;
	$result = $conn->query($query);
	header("location:manageVehicles.php");
}

include("inc_header.php"); 

$query = "SELECT * FROM VehicleForSale WHERE VehicleForSaleID = " . $id;
$result = $conn->query($query);
if ($result->num_rows == 0) { die ("Error: no record found."); }
$row = $result->fetch_assoc();
?>

	<div id="content">

		<h2><a href="#"><?php echo $row["Make"] . " " . $row["Model"] . " " . $row["VehicleYear"]; ?></a></h2>

		<table>
			<tr>
				<td style="vertical-align: top; padding-right: 20px;"><img src="./upload/<?php echo $row["Photo"]; ?>" style="height: 50px; width: 50px;" /></td>
				<td>
					<form name="form1" method="POST" action="editPost.php?id=<?php echo $id; ?>" enctype="multipart/form-data">
						<table>
							<tr>
								<td>Make:</td>
								<td><input type="text" value="<?php echo $row['Make']; ?>" name="make" /></td>
							</tr><tr>
								<td>Model:</td>
								<td><input type="text" value="<?php echo $row['Model']; ?>" name="model" /></td>
							</tr><tr>
								<td>Year:</td>
								<td><input type="text" value="<?php echo $row['VehicleYear']; ?>" name="year" /></td>
							</tr><tr>
								<td>Price:</td>
								<td><input type="text" value="<?php echo $row['Price']; ?>" name="price" /></td>
							</tr><tr>
								<td>Mileage:</td>
								<td><input type="text" value="<?php echo $row['Mileage']; ?>" name="mileage" /></td>
							</tr><tr>
								<td>Exterior Color:</td>
								<td><input type="text" value="<?php echo $row['ExteriorColor']; ?>" name="color" /></td>
							</tr><tr>
								<td>Engine:</td>
								<td><input type="text" value="<?php echo $row['Engine']; ?>" name="engine" /></td>
							</tr><tr>
								<td>Driver Type:</td>
								<td><input type="text" value="<?php echo $row['DriverType']; ?>" name="drivertype" /></td>
							</tr><tr>
								<td>Number of Doors:</td>
								<td><input type="text" value="<?php echo $row['NoDoors']; ?>" name="nodoors" /></td>
							</tr><tr>
								<td>Picture:</td>
								<td><input type="file" name="vehiclePic" id="vehiclePic" /></td>
							</tr><tr>
								<td>Description:</td>
								<td><textarea name="desc"><?php echo $row['Description']; ?></textarea></td>
							</tr>
						</table>	
						<input type="submit" value="Update" name="submit" />
					</form>				
				</td>
			</tr>
		</table>
	</div>

<?php include("inc_footer.php"); ?>
